📊 2026-05-26 Vulnerability Intelligence Daily · 200 entries · 76 high/critical
Daily vulnerability intelligence digest · 2026-05-26
📋 Total: 200 entries
🔥 High/Critical: 76 entries
🚨 CISA-KEV: 1 entry
🐙 GitHub Advisory: 13 entries (🔥 7)
🛡️ NVD-Latest: 69 entries (🔥 69)
⚔️ Sploitus: 117 entries
🤖 Today's security posture analysis
🎯 Key items today
- UniFi OS triple (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910): Ubiquiti UniFi OS devices carry three CVSS 10.0 vulnerabilities: improper access control (CVE-2026-34908), path traversal (CVE-2026-34909) and improper input validation (CVE-2026-34910). The NVD entries require only network access to the device and mention no authentication, so Internet-exposed management interfaces should be treated as urgent. A fourth UniFi OS path traversal that needs low privileges (CVE-2026-34911, CVSS 7.7) sits in the High list.
- Nezha Monitoring cross-tenant command execution (CVE-2026-46716): in the open-source monitoring dashboard Nezha, a user holding the ordinary RoleMember role can run arbitrary shell commands on every monitored server through the cron API (POST /api/v1/cron and its PATCH sibling). One low-privilege dashboard account thus becomes code execution across every tenant's hosts; patch immediately. Three further Nezha advisories today (CVE-2026-46717 SSRF, CVE-2026-47120 cross-user cron triggering, CVE-2026-47124 cross-tenant telemetry) share the same missing-authorization root cause.
- YesWiki unauthenticated SQL injection (CVE-2026-46670): in a default YesWiki installation, any unauthenticated visitor can reach SQL injection in the Bazar form-import path (FormManager::create()). Unauthenticated SQL injection should be assumed to expose the application database, so Internet-facing wikis need patching and a review for signs of data exposure.
- Trend Micro Apex One management console code execution (CVE-2025-71210, CVE-2025-71211): two CVSS 9.8 vulnerabilities in the enterprise endpoint-protection console allow a remote attacker to upload malicious code and execute it. The console is a high-value node with management reach into every endpoint, so compromise is severe. The same batch includes thirteen local privilege escalations in the Apex One/SEP and Apex One (mac) agents (CVSS 7.0 to 7.8).
- Netatalk (AFP file server) 4.4.2 and earlier: fourteen CVEs today, led by a CVSS 9.9 heap overflow in the CNID daemon comm_rcv() (CVE-2026-44050), an authentication bypass (CVE-2026-44058), an unauthenticated DoS in dsi_writeinit() (CVE-2026-44060) and cleartext LDAP bind passwords in logs (CVE-2026-44052). Most require an authenticated AFP session, so anything exposing AFP beyond a trusted network should be updated first.
- Drupal Core SQL injection (CVE-2026-9082): today's only CISA KEV addition. KEV listing means exploitation in the wild has been observed, so Drupal sites should patch on the KEV remediation timeline regardless of the truncated description.
📈 Threat trends
- Remote code execution (RCE): the dominant theme today. UniFi OS improper input validation (CVE-2026-34910), Nezha cross-tenant command execution (CVE-2026-46716), the Trend Micro Apex One upload-and-execute flaws (CVE-2025-71210/71211), Avada Builder unauthenticated RCE (CVE-2026-6279) and the BookingPress Pro arbitrary file upload (CVE-2026-6960) all fall here; the precondition is usually nothing more than network reachability or a low-privilege account.
- Privilege escalation and authorization bypass: the Nezha SSRF (CVE-2026-46717) and the Arcane global-variables endpoint (CVE-2026-47125) both lack an admin check, so a low-privilege user can perform admin-only operations. LiteLLM shows the same class twice: a user can change their own user_role via /user/update (CVE-2026-47102) and an internal_user can mint API keys for routes their role does not cover (CVE-2026-47101). Divi Form Builder adds a CVSS 9.8 privilege escalation (CVE-2026-5118).
- Injection (SQL / deserialization): YesWiki's unauthenticated SQL injection (CVE-2026-46670) goes straight to the database; Open ISES Tickets before 3.44.2 ships ten separate SQL injection CVEs (CVE-2026-48231 through CVE-2026-48240) plus two hardcoded-database-credential findings (CVE-2026-48241, CVE-2026-48242); WP Directory Kit has a CVSS 9.3 SQL injection (CVE-2026-39531). Apache Fory PyFory's ReduceSerializer can bypass the documented DeserializationPolicy (CVE-2026-48207, CVSS 9.8), so any service deserializing PyFory data from an untrusted source is at risk.
- Denial of service (DoS): Parse Server's client-version header handling (CVE-2026-47138) is a pre-authentication regex backtracking issue: one HTTP request from anyone who knows the (public) Application ID is enough to tie up the server. The attacker's cost is near zero. qs (CVE-2026-8723) adds a remotely triggerable TypeError crash in qs.stringify.
- Information disclosure and file access: FileBrowser Quantum's public-share PATCH handler (CVE-2026-44542) joins the user-controlled fromPath/toPath with the trusted share path before validating them, allowing file operations outside the share; aiosend (GHSA-7m8f-hgjq-8gc9, no CVE listed on this page) deserializes the webhook request body before verifying its signature, so unauthenticated senders get their payloads parsed; Nezha's server-status WebSocket (CVE-2026-47124) streams every tenant's server telemetry to any authenticated member; Netatalk writes LDAP bind passwords to its logs in cleartext (CVE-2026-44052).
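The Parse Server item above describes the mechanism (an ambiguous regular expression applied to an attacker-controlled header) without showing what the fix looks like. The following is an added example written for this digest, not Parse Server's code and not its real pattern: `VULNERABLE_VERSION_RE` is a hypothetical version-string grammar with the textbook `(\d+)*` shape, `SAFE_VERSION_RE` and `MAX_VERSION_LEN` are the hardened form a practitioner would substitute, and `hostile_version` builds a constructed payload.

```python
import re
import time

# Hypothetical version-header grammar with an ambiguous repeated group. Not
# Parse Server's real pattern; it is the textbook "(\d+)*" shape that lets a
# backtracking engine split one run of digits into exponentially many group
# boundaries before concluding that the trailing character cannot match.
VULNERABLE_VERSION_RE = re.compile(r"^([A-Za-z]+)?(\d+\.?)*$")

# Hardened grammar: each element is unambiguous (digits must be separated by a
# literal dot), each repetition is bounded, the pattern is anchored, and the
# caller caps the length before the regex engine ever sees the string.
MAX_VERSION_LEN = 64
SAFE_VERSION_RE = re.compile(r"^([A-Za-z]{1,16})?(\d{1,6})(?:\.(\d{1,6})){0,3}$")


def hostile_version(n: int) -> str:
    """Constructed payload: an SDK prefix, n digits, then a byte no branch accepts."""
    return "js" + "1" * n + "!"


def parse_version_safe(raw):
    """Return (sdk_name, [numeric parts]) or None. The length check runs first, so
    a multi-kilobyte header is rejected in O(1) without touching the regex."""
    if not isinstance(raw, str) or len(raw) > MAX_VERSION_LEN:
        return None
    m = SAFE_VERSION_RE.match(raw)
    if m is None:
        return None
    sdk = m.group(1) or ""
    return sdk, [int(part) for part in raw[len(sdk):].split(".")]


def seconds_to_match(pattern, text: str) -> float:
    """Wall-clock cost of one match attempt; used only to show the growth curve."""
    start = time.perf_counter()
    pattern.match(text)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Each extra digit roughly doubles the work for the ambiguous pattern; n is
    # kept small so the demonstration itself finishes in well under a second.
    for n in (10, 14, 18):
        print(f"n={n:2d}  vulnerable: {seconds_to_match(VULNERABLE_VERSION_RE, hostile_version(n)):.4f}s"
              f"  safe: {seconds_to_match(SAFE_VERSION_RE, hostile_version(n)):.6f}s")
    print("safe parser on a 5000-digit header:", parse_version_safe(hostile_version(5000)))
```

The two defences are independent: the length cap bounds the worst case even if someone later loosens the pattern, and the unambiguous pattern keeps matching linear even for inputs under the cap. Running the script shows the vulnerable timing climbing with every few extra digits while the safe pattern stays flat.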
🛡️ Mitigation recommendations
- Patch exposed attack surface first: upgrade Ubiquiti UniFi OS to the current firmware and, until that is done, keep the management interface off the Internet or behind a VPN or an authenticating proxy. Update Nezha Monitoring and the Trend Micro Apex One console to their fixed versions; for Apex One, also schedule the agent updates that close the local privilege escalation set.
- Enforce access control and least privilege: for Nezha and similar multi-tenant dashboards, verify that every non-admin API route (the cron and notification routes in particular) checks both the caller's role and the caller's ownership of every object ID in the request, not merely that the caller is authenticated. For YesWiki and other web applications, make sure the default configuration does not expose form-import endpoints to unauthenticated visitors.
- Web application protection and input validation: put a WAF in front of public applications to catch SQL injection, path traversal and deserialization payloads, treating it as a compensating control rather than a fix. For Parse Server, upgrade; until then harden or disable the client-version header parsing by capping the header's length and character set before any regular expression sees it (a reverse proxy can do this in front of an unpatched instance).
- Audit third-party components and plugins: check installed versions of WordPress plugins such as BookingPress Pro (CVE-2026-6960), Avada Builder (CVE-2026-6279), Divi Form Builder (CVE-2026-5118) and WP Directory Kit (CVE-2026-39531), and restrict upload file types. Inventory internal use of the affected open-source libraries (PyFory, aiosend, qs, Flask-Security-Too, Authen::TOTP, aiograpi/instagrapi) against your SBOM and update the ones with released fixes first.
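The least-privilege recommendation above names the two checks that today's Nezha, Arcane and LiteLLM findings were missing: object-level ownership on every referenced ID and a strict field allowlist on self-service updates. The following is an added example written for this digest, not code from any of those projects; the `User`/`Server` records, `SERVERS` inventory, route names and `SELF_UPDATABLE` allowlist are constructed, and only the two role values (`RoleAdmin` = 0, `RoleMember` = 1) come from the Nezha advisory.

```python
from dataclasses import dataclass

ROLE_ADMIN, ROLE_MEMBER = 0, 1        # the two roles the Nezha advisory names


class Forbidden(Exception):
    pass


@dataclass(frozen=True)
class User:
    id: int
    role: int


@dataclass(frozen=True)
class Server:
    id: int
    owner_id: int


# Constructed inventory: user 10 owns servers 1 and 2, user 20 owns server 3.
SERVERS = {1: Server(1, 10), 2: Server(2, 10), 3: Server(3, 20)}


def require_admin(user: User) -> None:
    """Role gate for admin-only routes (the check Arcane's variables endpoint lacked)."""
    if user.role != ROLE_ADMIN:
        raise Forbidden("admin role required")


def owned_servers(user: User, server_ids) -> list:
    """Object-level check: every referenced ID must exist and belong to the caller.
    Admins may target any server. Unknown IDs are errors, not silently skipped."""
    out = []
    for sid in server_ids:
        srv = SERVERS.get(sid)
        if srv is None:
            raise Forbidden(f"unknown server {sid}")
        if user.role != ROLE_ADMIN and srv.owner_id != user.id:
            raise Forbidden(f"server {sid} is not owned by user {user.id}")
        out.append(srv)
    return out


def create_cron(user: User, body: dict) -> dict:
    """Member-reachable route: being authenticated with a valid role is not enough;
    every server the task would run on is checked against the caller."""
    targets = owned_servers(user, body.get("servers", []))
    return {"command": body["command"], "servers": [s.id for s in targets]}


SELF_UPDATABLE = frozenset({"display_name", "email"})   # no role, no key scopes


def update_self(user: User, body: dict) -> dict:
    """Mass-assignment guard for a self-service update: only allowlisted fields are
    accepted, and anything else is rejected rather than silently dropped so the
    attempt shows up in logs."""
    extra = set(body) - SELF_UPDATABLE
    if extra:
        raise Forbidden(f"fields not updatable by the user: {sorted(extra)}")
    return {"id": user.id, **body}


def write_global_variables(user: User, body: dict) -> dict:
    """Admin-only route: the role gate runs before any write."""
    require_admin(user)
    return body


def denied(fn, *args) -> bool:
    """True if the call was refused with Forbidden (helper for the checks below)."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False
```

When auditing a dashboard, the useful question for every route is which of these three checks it performs: role gate, ownership of each ID, field allowlist. A route that only verifies the session token passes none of them.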
🚨 CISA-KEV (1 entry)
Unknown (1 entry)
- CVE-2026-9082 - Drupal Core SQL Injection Vulnerability
  Product: Drupal Core
  Description: Drupal Core contains a SQL injection vulnerability that could allow for privilege…
🐙 GitHub Advisory (13 entries)
Critical (3 entries)
- CVE-2026-46716 (Critical) - Nezha Monitoring: RoleMember can run shell on every server (cross-tenant RCE) vi…
  Summary: `nezha`'s dashboard supports two user roles: `RoleAdmin` (Role==0) and `RoleMember` (Role==1). The cron routes `POST /api/v1/cron` and `PATCH…
- CVE-2026-46670 (Critical) - YesWiki: Unauthenticated SQL Injection
  Summary: An unauthenticated SQL injection in the Bazar form-import path (`FormManager::create()`) allows any unauthenticated visitor of a default YesWiki…
- GHSA-qqqm-5547-774x / CVE-2026-44542 (Critical) - FileBrowser Quantum: Path traversal in public share PATCH allows file ops outsid…
  Summary: `publicPatchHandler` in `backend/http/public.go` joins user-controlled `fromPath` and `toPath` body fields with the trusted `d.share.Path` BEFORE…
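The FileBrowser Quantum summary above stops mid-sentence, but the bug class is clear: the user-supplied path is joined onto the trusted share root before it is validated. The following is an added example written for this digest, in Python rather than the project's Go, and not FileBrowser's code: `unsafe_join` reproduces the join-first shape, `safe_join` is the hardened form (resolve both sides, then check containment), and `demo` builds a constructed share in a temporary directory with a symlink that escapes it.

```python
import os
import tempfile


class TraversalError(ValueError):
    pass


def unsafe_join(share_root: str, user_path: str) -> str:
    """The bug class: join first, validate later (or never). os.path.join discards
    share_root entirely when user_path is absolute, and '..' segments survive."""
    return os.path.normpath(os.path.join(share_root, user_path))


def safe_join(share_root: str, user_path: str) -> str:
    """Resolve the share root and the candidate to real paths, then require that
    the candidate stays under the root. Symlinks are followed before the check,
    so a link inside the share cannot be used to reach outside it. commonpath is
    used instead of startswith so that '/srv/share2' is not accepted as being
    under '/srv/share'."""
    root = os.path.realpath(share_root)
    if not user_path or os.path.isabs(user_path):
        raise TraversalError(f"absolute or empty path rejected: {user_path!r}")
    candidate = os.path.realpath(os.path.join(root, user_path))
    if os.path.commonpath([root, candidate]) != root:
        raise TraversalError(f"{user_path!r} resolves outside share {root}")
    return candidate


def is_rejected(share_root: str, user_path: str) -> bool:
    try:
        safe_join(share_root, user_path)
    except TraversalError:
        return True
    return False


def demo() -> dict:
    """Constructed layout: <tmp>/share/docs/a.txt, <tmp>/secret/key, and a symlink
    <tmp>/share/link -> <tmp>/secret. Returns, per probe, whether the naive join
    escaped the share and whether safe_join accepted the path."""
    with tempfile.TemporaryDirectory() as base:
        share = os.path.join(base, "share")
        os.makedirs(os.path.join(share, "docs"))
        os.makedirs(os.path.join(base, "secret"))
        with open(os.path.join(share, "docs", "a.txt"), "w") as fh:
            fh.write("ok")
        with open(os.path.join(base, "secret", "key"), "w") as fh:
            fh.write("s")
        os.symlink(os.path.join(base, "secret"), os.path.join(share, "link"))
        probes = ["docs/a.txt", "../secret/key", "/etc/hostname",
                  "link/key", "docs/../../secret/key"]
        results = {}
        for p in probes:
            # A string-prefix check on the naive join is what a join-then-check
            # handler would do; note that it is fooled by the symlink probe.
            unsafe_escaped = not unsafe_join(share, p).startswith(share + os.sep)
            results[p] = (unsafe_escaped, not is_rejected(share, p))
        return results


if __name__ == "__main__":
    for probe, (escaped, accepted) in demo().items():
        print(f"{probe:28s} naive join escaped={escaped!s:5s} safe_join accepted={accepted}")
```

The symlink probe is the instructive one: the naive join stays lexically inside the share and a prefix check passes, yet the real file is outside it. Only resolving before checking catches it.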
High (4 entries)
- CVE-2026-46717 (High) - Nezha Monitoring: RoleMember-reachable SSRF with full response-body reflection v…
  Summary: nezha's dashboard supports two user roles: `RoleAdmin` (Role==0) and `RoleMember` (Role==1). The notification routes `POST /api/v1/notification` and…
- CVE-2026-47138 (High) - Parse Server: Pre-authentication denial of service via client version header reg…
  Impact: An unauthenticated attacker who knows a publicly-known Parse Application ID can submit a single HTTP request whose client SDK version field contains…
- CVE-2026-47125 (High) - Arcane: Missing admin authorization on global variables endpoint
  Summary: The `PUT /api/environments/{id}/templates/variables` endpoint, which writes the system-wide `.env.global` file used for variable substitution in…
- GHSA-7m8f-hgjq-8gc9 (High) - aiosend: Deserialization of request body before signature verification (Pre-auth…
  Vulnerability Description: In `aiosend/webhook/base.py`, the `WebhookHandler.feed_update()` method performs full deserialization of the incoming JSON via…
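The aiosend entry above is about ordering: the webhook body is deserialized before its signature is checked, so the parser does attacker-controlled work for anyone who can reach the endpoint. The following is an added example written for this digest, not aiosend's code; the HMAC-SHA256 scheme, the `x-signature` header name, the size cap and the constructed traffic in `demo` are all assumptions, and `PARSE_ATTEMPTS` exists only to make the difference between the two orderings measurable.

```python
import hashlib
import hmac
import json

MAX_BODY_BYTES = 1024 * 1024        # hard cap, applied before anything else
SIGNATURE_HEADER = "x-signature"    # assumed header name, not aiosend's scheme
PARSE_ATTEMPTS = {"count": 0}       # instrumentation for the demo only


class WebhookRejected(Exception):
    """One exception type for every rejection, so callers get no oracle."""


def sign(secret: bytes, body: bytes) -> str:
    """HMAC-SHA256 over the exact raw bytes that arrived on the wire."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def _signature_ok(secret: bytes, headers: dict, body: bytes) -> bool:
    presented = headers.get(SIGNATURE_HEADER, "")
    # Compare as bytes: compare_digest on str raises for non-ASCII input.
    return hmac.compare_digest(presented.encode(), sign(secret, body).encode())


def _parse(body: bytes):
    PARSE_ATTEMPTS["count"] += 1
    return json.loads(body)


def handle_webhook(secret: bytes, headers: dict, body: bytes):
    """Hardened order: size cap, then signature over the raw bytes, then parse.
    Nothing attacker-controlled is deserialized until the sender has proven
    possession of the secret."""
    if len(body) > MAX_BODY_BYTES:
        raise WebhookRejected("body too large")
    if not _signature_ok(secret, headers, body):
        raise WebhookRejected("bad signature")
    try:
        return _parse(body)
    except ValueError as exc:
        raise WebhookRejected(f"malformed JSON: {exc}") from None


def handle_webhook_vulnerable(secret: bytes, headers: dict, body: bytes):
    """The ordering the advisory describes: full deserialization first, signature
    second. An unsigned hostile body gets the parser's full attention."""
    update = _parse(body)
    if not _signature_ok(secret, headers, body):
        raise WebhookRejected("bad signature")
    return update


def classify(handler, secret: bytes, headers: dict, body: bytes) -> str:
    """Run a handler and describe the outcome without propagating exceptions."""
    try:
        handler(secret, headers, body)
        return "accepted"
    except WebhookRejected as exc:
        return f"rejected: {exc}"
    except Exception as exc:            # parser work on hostile input blew up
        return f"crashed: {type(exc).__name__}"


def demo() -> dict:
    """Constructed traffic: one genuine signed update and one unsigned body of
    200,000 nested arrays (400 KB), which the JSON decoder cannot finish."""
    secret = b"constructed-webhook-secret"
    genuine = json.dumps({"update_id": 1, "status": "paid"}).encode()
    signed = {SIGNATURE_HEADER: sign(secret, genuine)}
    hostile = b"[" * 200_000 + b"]" * 200_000
    out = {"genuine_safe": classify(handle_webhook, secret, signed, genuine)}
    PARSE_ATTEMPTS["count"] = 0
    out["hostile_safe"] = classify(handle_webhook, secret, {}, hostile)
    out["parses_safe"] = PARSE_ATTEMPTS["count"]
    PARSE_ATTEMPTS["count"] = 0
    out["hostile_vulnerable"] = classify(handle_webhook_vulnerable, secret, {}, hostile)
    out["parses_vulnerable"] = PARSE_ATTEMPTS["count"]
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k:20s} {v}")
```

The signature must cover the raw bytes, not a re-serialized object: re-encoding after parsing would both do the work the check is meant to prevent and risk canonicalization mismatches between sender and receiver.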
Medium (6 entries)
- CVE-2026-47120 (Medium) - Nezha Monitoring: RoleMember can fire other users' cron tasks via AlertRule.Fail…
  Summary: `createAlertRule` and `createService` (and their `update*` siblings) accept `FailTriggerTasks []uint64` and `RecoverTriggerTasks []uint64` — IDs of…
- CVE-2026-47157 (Medium) - aiograpi: Unsafe signup challenge path handling
  Summary: aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were…
- GHSA-ggxf-37hm-9wqf (Medium) - instagrapi: Unsafe signup challenge path handling in instagrapi
  Summary: instagrapi versions before 2.6.9 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were…
- CVE-2026-47124 (Medium) - Nezha Monitoring: Nezha WebSocket server stream discloses cross-tenant server te…
  Summary: Any authenticated non-admin member can connect to the server-status WebSocket and receive telemetry for all servers, including servers owned by other…
- CVE-2026-8723 (Medium) - qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/u…
  Summary: `qs.stringify` throws `TypeError` when called with `arrayFormat: 'comma'` and `encodeValuesOnly: true` on an array containing `null` or `undefined`.…
- CVE-2026-46715 (Medium) - Flask-Security-Too OAuth reauthentication freshness bypass via cross-user OAu…
  Summary: Flask-Security-Too 5.8.0's OAuth reauthentication flow can mark a session as fresh after verifying an OAuth account that belongs to a different user.…
🛡️ NVD-Latest (69 entries)
Critical (13 entries)
- CVE-2026-34910 (Critical, CVSS 10.0): A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to…
- CVE-2026-34909 (Critical, CVSS 10.0): A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on…
- CVE-2026-34908 (Critical, CVSS 10.0): A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make…
- CVE-2026-44050 (Critical, CVSS 9.9): A heap-based buffer overflow in the CNID daemon comm_rcv() function in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated…
- CVE-2026-6960 (Critical, CVSS 9.8): The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the…
- CVE-2026-48207 (Critical, CVSS 9.8): Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy…
- CVE-2025-71211 (Critical, CVSS 9.8): A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute…
- CVE-2025-71210 (Critical, CVSS 9.8): A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute…
- CVE-2026-5118 (Critical, CVSS 9.8): The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to…
- CVE-2026-6279 (Critical, CVSS 9.8): The Avada Builder (fusion-builder) plugin for WordPress is vulnerable to Unauthenticated Remote Code Execution via PHP Function…
- CVE-2026-39531 (Critical, CVSS 9.3): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit…
- CVE-2026-33000 (Critical, CVSS 9.1): A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in…
- CVE-2026-5433 (Critical, CVSS 9.1): Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this…
High (56 entries)
- CVE-2026-47102 (High, CVSS 8.8): LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly…
- CVE-2026-47101 (High, CVSS 8.8): LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not…
- CVE-2026-47114 (High, CVSS 8.8): IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands…
- CVE-2026-9089 (High, CVSS 8.8): The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update…
- CVE-2026-39461 (High, CVSS 8.8): libcasper(3) communicates with helper processes via UNIX domain sockets, and uses the select(2) system call to wait for data to become…
- CVE-2026-44048 (High, CVSS 8.8): A stack-based buffer overflow via UCS-2 type confusion in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote…
- CVE-2026-44047 (High, CVSS 8.8): An SQL injection vulnerability in the MySQL CNID backend in Netatalk 3.1.0 through 4.4.2 allows a remote authenticated attacker to…
- CVE-2026-2740 (High, CVSS 8.4): Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are…
- CVE-2026-45253 (High, CVSS 8.4): ptrace(PT_SC_REMOTE) failed to properly validate parameters for the syscall(2) and __syscall(2) meta-system calls. As a result, a user…
- CVE-2026-9157 (High, CVSS 8.4): Improper input validation, Unrestricted upload of file with dangerous type vulnerability in Gmission Web Fax allows Remote Code…
- CVE-2026-48235 (High, CVSS 8.2): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in incs/remotes.inc.php where latitude, longitude, callsign,…
- CVE-2026-48242 (High, CVSS 8.1): Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in…
- CVE-2026-48241 (High, CVSS 8.1): Open ISES Tickets before 3.44.2 contains hardcoded MySQL database credentials in loader.php (a public-facing database utility) that are…
- CVE-2026-44051 (High, CVSS 8.1): An improper link resolution vulnerability in Netatalk 3.0.2 through 4.4.2 allows a remote authenticated attacker to read arbitrary…
- CVE-2026-4858 (High, CVSS 8.0): Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path…
- CVE-2026-45208 (High, CVSS 7.8): A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-45207 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-45206 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-34930 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-34929 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-34928 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2026-34927 (High, CVSS 7.8): An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected…
- CVE-2025-71217 (High, CVSS 7.8): An origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection mechanism could allow a local attacker…
- CVE-2025-71216 (High, CVSS 7.8): A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to…
- CVE-2025-71214 (High, CVSS 7.8): An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate…
- CVE-2025-71213 (High, CVSS 7.8): An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected…
- CVE-2025-71212 (High, CVSS 7.8): A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected…
- CVE-2026-45251 (High, CVSS 7.8): A file descriptor can be closed while a thread is blocked in a poll(2) or select(2) call waiting for that descriptor. Because the…
- CVE-2026-28764 (High, CVSS 7.8): MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
- CVE-2026-45250 (High, CVSS 7.8): The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the…
- CVE-2026-34911 (High, CVSS 7.7): A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices…
- CVE-2026-44068 (High, CVSS 7.6): Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated…
- CVE-2026-46473 (High, CVSS 7.5): Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function,…
- CVE-2025-13479 (High, CVSS 7.5): Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows…
- CVE-2026-45255 (High, CVSS 7.5): When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1)…
- CVE-2026-42001 (High, CVSS 7.5): Insufficient Validation of Autoprimary SOA Queries
- CVE-2026-44062 (High, CVSS 7.5): A missing output length bounds check in pull_charset_flags() in Netatalk 2.0.4 through 4.4.2 allows a remote authenticated attacker to…
- CVE-2026-44060 (High, CVSS 7.5): An integer underflow in dsi_writeinit() in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of…
- CVE-2026-44055 (High, CVSS 7.5): A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS…
- CVE-2026-44052 (High, CVSS 7.5): Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to…
- CVE-2026-44049 (High, CVSS 7.5): An out-of-bounds write due to improper null termination in convert_charset() in Netatalk 2.0.4 through 4.4.2 allows a remote…
- CVE-2026-44053 (High, CVSS 7.4): Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain…
- CVE-2026-44058 (High, CVSS 7.2): An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary…
- CVE-2026-48240 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tick_id and f_tick_id POST…
- CVE-2026-48239 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/reports.php where the tick_id POST parameter is…
- CVE-2026-48238 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/mobile_main.php where the id GET parameter is…
- CVE-2026-48237 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in message.php where the frm_ticket_id and frm_resp_id POST…
- CVE-2026-48236 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in db_loader.php where the multiple POST parameters (ticketsdb,…
- CVE-2026-48234 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in portal/ajax/list_requests.php where the sort and dir GET…
- CVE-2026-48233 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/sit_incidents.php where the offset GET parameter is…
- CVE-2026-48232 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/fullsit_incidents.php where the offset GET parameter is…
- CVE-2026-48231 (High, CVSS 7.1): Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in tables.php where the multiple POST parameters (tablename,…
- CVE-2025-13477 (High, CVSS 7.1): Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital…
- CVE-2026-44066 (High, CVSS 7.1): Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated…
- CVE-2026-44064 (High, CVSS 7.1): An out-of-bounds read in ASP session ID handling in Netatalk 1.3 through 4.4.2 allows an adjacent network attacker to obtain limited…
- CVE-2025-71215 (High, CVSS 7.0): A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification could allow a…
⚔️ Sploitus (117 entries)
Unknown (117 entries)
- authencesn-poc exploit
- Exploit for Improper Access Control in Fiberhome Hg6145F1_Firmware exploit
… 115 more Unknown-severity entries (omitted)
🤖 Automated vulnerability intelligence digest · 2026-05-26 · Sources: NVD / GitHub Advisory / Sploitus / CISA-KEV